Istanbul, Türkiye
Job Description: Management of local IT governance, risk and compliance in accordance with the Allianz Group's legislations, policies, procedures and local requirements. o Supporting the information systems audit/control activities in line with the annual audit/control plan o Completing of the audit/control, examination and consultancy tasks assigned within the periods specified in the annual plan and work programme o Controlling the compliance of information systems and operational processes with Allianz's policies, procedures and legislation o Assessing the accuracy and reliability of IT applications, the effectiveness and adequacy of internal control and risk management systems o Supporting audit activities of the information systems infrastructure and processes of the IT and supporting service organisations in accordance with internal/external legislation o Supporting annual audits within the scope of the Information and Communication Security Guidelines o Developing improvement points for the root causes of the risks identified within the scope of audit/control activities, notifying the relevant units and senior management and ensuring follow-up o Preparing recommendations for the improvement of the processes related to the findings identified and preparing the audit report o Following-up of actions related to the findings detected o Forming opinions on planned changes and innovations in the Allianz's products and processes or on internal policies, procedures and process documents o Collaborating closely with internal and external Audit and Risk teams, supporting information systems annual audit/control plans each year, indicating the planned examinations to be carried out in the following year o Participating in project and working groups, boards and committees related to critical processes within the field of duty and making suggestions to minimise the risk at the relevant meetings
(Credit Bureau of Turkey) Job Description: Management of the security and compliance risks of the organization related to information technologies. o Managing the information assets inventory and conducting asset-based risk assessment activities o Reviewing the scope, objectives, targets and KPIs of the Information Security Management System and evaluating update needs o Managing the service inventory and conducting service-based risk assessment activities o Reviewing the scope, objectives, targets and KPIs of the Service Management System and evaluating update needs o Supporting Business Continuity Management System activities regarding business impact analysis, assessment of business continuity related risks and disaster recovery tests and drills o Evaluating the effectiveness of management systems, identifying improvement areas and carrying out management review activities o Carrying out regulatory compliance and enterprise risk assessment activities o Coordinating and supporting internal and external certification and regulatory audit activities o Managing the user access and authorization process o Conducting risk assessment activities regarding third parties o Conducting project risk assessment activities
Job Description: Management of information security compliance and risks as a part of the global organization. o Manage IT governance, compliance, risk and information security functions and ensure that correct IT policies, procedures, standards and practices are in place for conformance with mandatory legislations, laws and regulations and in line with Daimler Group policies. o Adopt, develop, enhance and maintain IT governance policies, standards and procedures across the IT and business. o Represent information security requirements and issues to local IT functions. o Provide information security support and guidance to the local organization. o Act as the prime information security point of contact within the organization for global and local information security. o Initiate, coordinate and perform appropriate security improvement activities (e.g. specifying local security rules in accordance to the global information security framework, etc.) within the local organization. o Ensure that mandatory information security and data protection programs are in place and compliant with relevant laws, regulations and (internal) policies to minimize or eliminate related risks. o Develop and implement an information security and data protection awareness program to raise awareness and minimize non-compliance to policies, laws and regulations. o Ensure the implementation of the information security risk analysis process and maintaining risk inventory. o Monitor local compliance with global information security and data protection framework and local laws and regulations. o Ensure execution of information security assessments & audits (e.g global and local internal and external audits, ISO2700x, etc.) and coordinate mitigation of related findings. o Manage information security related incidents and reporting them to relevant parties (e.g. global information security functions, local information security committee, etc.)
Job Description: Information security and business continuity consultancy and assessment in Cybersecurity unit of IT Risk and Assurance Services function. o Performing ISO 27001 based Information Security Management System gap analysis, establishment, implementation consultancy and internal audits. o Performing ISO 22301 based Business Continuity Management System gap analysis, establishment, implementation consultancy and internal audits. o Conducting information security related risk and maturity assessments. o Performing awareness trainings regarding information security and business continuity.
Job Decription: Conducting of the works of Information Security, IT Risk Management, IT Compliance and Record Management under the global unit Information Governance and Management (IGM). • Implement and monitor the information security, IT compliance, records management and information risk management program in the site/region/function to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization • Communicate and ensure compliance with global security, risk management and compliance policies and standards • Work directly with the business units and functions to facilitate information risk management processes, identify acceptable levels of risk, and establish roles and responsibilities. • Provide records management, information classification and protection. • Provide compliance and risk management guidance for IT projects, including the evaluation and recommendation of technical controls • Ensure that information governance and management programs are in compliance with applicable laws, regulations and policies to minimize or eliminate risk and audit findings • Liaise between the IT and local/functional compliance, audit, legal, data privacy and QA as required • Ensure implementation of the information risk management process in the area of responsibility, including reporting and oversight of remediation/mitigation efforts to address negative findings • Monitor and report information risk status, trends and issues • Manage security incidents and events to protect IT assets, including intellectual property, fixed assets and the company's reputation • Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a declared disaster, and provide direction and in-house consulting in these areas